An intrusion in the core of Internet Explorer and a susceptibility in the Remote Desktop Protocol Service head the roster of approximately 117 fixes integrated into Microsoft’s monthly update. Simultaneously, Apple has issued a solution for macOS 15 that revives the operation of certain third-party security utilities.
The occurrence of Patch Tuesday serves as a beneficial prompt for administrators to confirm that applications and security provisions are current.
Exploited Vulnerability in Microsoft Management Console
In spite of earlier indications suggesting that Microsoft’s security vulnerabilities have lessened, the prominent tech company continues to be a favored target for cyber attacks.
Arguably the most severe loophole among the October patch list is CVE-2024-43572, a weakness in Microsoft Management Console that has been utilized malevolently. This vulnerability employs a corrupted .msc file to take control, and Microsoft’s fix prohibits the use of untrusted .msc files. While technically categorized as remote-code execution, perpetrators must engage with a user—possibly through social manipulation—to acquire initial entry.
Microsoft has stated: “The term Remote in the title pertains to the attacker’s location. This form of exploitation is sometimes denoted as Arbitrary Code Execution (ACE). The manipulation itself is conducted locally.”
ADVICE: Stay alert for malicious actors imitating enterprise emails to send counterfeit Microsoft alerts.
Internet Explorer Mechanism Rectified
CVE-2024-43573 originates in the MSHTML framework, the core of Internet Explorer mode within Microsoft Edge.
“The vulnerability enables a perpetrator to deceive users into viewing malicious web content, which may seem legitimate due to the platform’s handling of certain web components,” detailed Nikolas Cemerikic, cybersecurity specialist at Immersive Labs, in correspondence with TechRepublic. “Once a user is duped into engaging with this content (often through phishing tactics), the attacker could potentially obtain unauthorized access to sensitive data or manipulate web services.”
Despite the apparent obsolescence of Internet Explorer, the vulnerability was actively abused.
Microsoft has rectified the vulnerability in the MSHTML platform in its October IE Cumulative Updates release.
Notable Microsoft vulnerabilities fixed in October 2024
The following concerns were resolved on Patch Tuesday in October:
- CVE-2024-6197, a vulnerability in curl which Windows is reissuing as an advisory. This vulnerability could permit remote code execution.
- CVE-2024-43609, enabling a user to falsify a Microsoft Office account to access files.
- CVE-2024-43582, an exploit involving Remote Desktop Protocol service’s use-after-free issue, which might facilitate remote code execution.
Apple’s Intervention to Prevent Disruption of Security Tools
Apple’s update for macOS 15 Sequoia on Oct. 3 included the enhancement “Enhances compatibility with third-party security software.” According to TechCrunch reports, cybersecurity tools from CrowdStrike, SentinelOne, and Microsoft experienced malfunctions on numerous Macs utilizing the new OS.
About Author
